Network Intrusion Detection Using Machine Learning

Daniel Faggella is the founder and CEO at Emerj. Called upon by the United Nations, World Bank, INTERPOL, and many global enterprises, Daniel is a sought-after expert on the competitive strategy implications of AI for business and government leaders.

Episode Summary: When Google’s DeepMind won against one of the best modern Go champions, it used multiple AI approaches and exposed gaps in some individual strategies. This event has shed more light on AI, but also on the utility of combining approaches to AI for individual problems. Data security is one of these problem areas where multiple AI approaches are being used to make our information safer. Dr. Sal Stolfo has been a professor at Columbia in Computer Science since 1972 and is now also the CEO of Allure Security, with a focus on engineering network intrusion detection solutions using AI applications. In this episode, Stolfo talks about the various styles of AI and statistical methods that have been and are being used to detect malicious activity, as well as how he believes the future of security is going to have to adapt as increasing amounts of data become available.

Brief Recognition: Sal Stolfo is professor of Computer Science at Columbia University. He received his Ph.D. from NYU Courant Institute in 1979 and has been on the faculty of Columbia since. He has published several books and well over 250 scientific papers since, and has received several best paper awards, in the areas of parallel computing, AI knowledge-based systems, data mining and, most recently, computer security and intrusion detection systems. He has been granted 33 patents in the areas of parallel computing, database inference and computer security; most have been licensed or sold. His research has been supported by DARPA, NSF, NSA, CIA, and several other companies and state agencies. His most recent research is devoted to payload anomaly detection for zero-day exploits, secure private querying, private and anonymous network trace synthesis for Predict.org, symbiotic embedded machines, automatic bait generation for trap-based defense to mitigate the insider threat, and multi-core parallel computing.

Current Affiliations: Professor of Computer Science at Columbia University

Interview Highlights:

(2:11) Being someone who started off in the research space – what types of, or applications of, AI are really most prevalent in security today?

(5:41) This AI that we’re talking about (deception security), it sounds like if we’re just duplicating a file it’s not, but it sounds like you’re (rather) creating a system…

(8:48) So when you have Chrome open…when it is you, what programs are generally running, and what do you do with your mouse when something’s loading – is it all of these various micro-activities about how one generally works (that is active authentication)?

(9:45) I imagine determining the wheat from the chaff on that is an interesting process, i.e. which particular facets of program use and mouse gestures…are really indicative of an individual, and which have too much overlap…this was probably a pretty big sift for you…

(12:58) Allowing the machine to pick up on what are the most genuinely differentiating factors from person to person and allowing it to really snip out those meaningful patterns…would I be correct in saying this is an unsupervised activity in some regard?

(18:38) We’re talking about AI approaches leveraged successfully or unsuccessfully for the purposes of security…what sorts of malicious AI exist out there in the world, what kinds of approaches are becoming more popular for “the bad guys”?

(21:35) Where does game theory play into AI and how do you see the crossover?

(24:16) It sounds like you’re of the belief that the thought of my chess move, your chess move…shouldn’t be an accepted norm, but that we ought to find ways to…squelch ongoing attacks in a more effective manner…
